-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AppArmor support #24
Comments
Original issue here: kubernetes/kubernetes#22159 |
Automatic merge from submit-queue AppArmor design proposal For kubernetes/enhancements#24 /cc @kubernetes/sig-node @erictune @matchstick
@timstclair it looks like the docs PR number is outdated. Please update the PR number and check the docs box once it's done |
Fixed. Thanks @janetkuo ! |
Docs kubernetes/website#1147 - @kubernetes/docs |
Is there an issue? I merged this one in last week. On Sep 21, 2016 1:30 PM, "Tim St. Clair" notifications@github.com wrote:
|
No, I was just following the instructions at the bottom of the issue, which I hadn't done before... |
Issues go stale after 90d of inactivity. Prevent issues from auto-closing with an If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or |
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
/remove-lifecycle rotten |
@tallclair @liggitt If so, can you please ensure the feature is up-to-date with the appropriate:
cc @idvoretskyi |
Reminder of the 3rd of July deadline! |
Howdy @timstclair and @vinayakankugoyal, SIG Docs co-chair here 👋 I wanted to add another reminder about the docs deadline for this enhancement: updating feature gates qualifies as requiring documentation as far as Release Docs is concerned, so please check out @Princesso's reminder above to ensure you meet the deadline today |
@natalisucks - I added a draft PR for this feature. Thanks! |
A question, is the annotation |
We have a new field. |
OK, cool. The new thing is documented; we also need to document the deprecated thing (and tell people to switch to the new thing). We leave deprecated annotations documented forever. |
Hey again @vinayakankugoyal and @tallclair 👋 Enhancements team here, Just checking in as we approach code freeze at 02:00 UTC Wednesday 24th July 2024 / 19:00 PDT Tuesday 23rd July 2024. Here's where this enhancement currently stands:
For this enhancement, it looks like the following PRs are open and need to be merged before code freeze: Please let me know if there are other PRs in k/k we should be tracking for this KEP, and please update your enhancement description with the requisite PRs. If you anticipate missing code freeze, you can file an exception request in advance. As always, we are here to help if any questions come up. Thanks! |
@vinayakankugoyal Please let us know if kubernetes/kubernetes#125257 is the only PR that we need to track for this KEP. |
Hi @sreeram-venkitesh. Yes kubernetes/kubernetes#125257 is the only PR associated with this KEP. |
Awesome, marking the KEP as |
@tallclair in preparation for the next release, now that this KEP has been implemented, would you kindly update the KEP status to |
I moved this for |
Hello 👋 1.32 Enhancements Lead here, I'm closing milestone 1.31 now, /milestone clear |
Inadvertently added this to the 1.32 tracking board /remove-label lead-opted-in |
Remaining work, copied from the KEP (https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/24-apparmor/README.md#removing-annotation-support)
|
Description
Add AppArmor support to Kubernetes. Initial support should include the ability to specify an AppArmor profile for a container or pod in the API, and have that profile applied by the container runtime.
Progress Tracker
/pkg/apis/...
)Code needs to be disabled by default. Verified by code OWNERSAppArmor is enabled by default, but gated by a feature-gate: Add AppArmor feature gate kubernetes#31473
FEATURE_STATUS is used for feature tracking and to be updated by @kubernetes/feature-reviewers.
FEATURE_STATUS: BETA
More advice:
Design
Coding
and sometimes http://github.com/kubernetes/contrib, or other repos.
check that the code matches the proposed feature and design, and that everything is done, and that there is adequate
testing. They won't do detailed code review: that already happened when your PRs were reviewed.
When that is done, you can check this box and the reviewer will apply the "code-complete" label.
Docs
The text was updated successfully, but these errors were encountered: